45029 matches found

CNNVD
added 2025/12/09 12:0 a.m. | 2 views

EDK2 Security Vulnerability

EDK2 is a set of cross-platform firmware development environments from the Tianocore community based on the UEFI and PI specifications. A security vulnerability exists in EDK2 that stems from improper input validation and could lead to arbitrary command execution...

8.4 CVSS | 6.8 AI score | 0.00704 EPSS
Exploits 0 | References 1
Tenable Nessus
added 2025/12/09 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2025-2296

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - EDK2 contains a vulnerability in BIOS where an attacker may cause Improper Input Validation by local access. Successful exploitation of this vulnerability could...

8.4 CVSS | 6.1 AI score | 0.00704 EPSS
Exploits 0 | References 4
Positive Technologies
added 2025/12/09 12:0 a.m. | 5 views

PT-2025-50216

Name of the Vulnerable Software and Affected Versions openmptcprouter versions through 0.64 Description An issue exists in openmptcprouter through version 0.64, specifically within the file common/package/utils/sys-upgrade-helper/src/tools/sysupgrade.c and the create xor ipad opad function. This...

9.8 CVSS | 6.9 AI score | 0.00593 EPSS
Exploits 1 | References 6
NVD
added 2025/12/08 10:16 a.m. | 5 views

CVE-2025-27020

Improper configuration of the SSH service in Infinera MTC-9 allows an unauthenticated attacker to execute arbitrary commands and access data on file system. This issue affects MTC-9: from R22.1.1.0275 before R23.0...

9.8 CVSS | 0.00477 EPSS
Exploits 0 | References 1
OSV
added 2025/12/08 10:16 a.m. | 4 views

CVE-2025-27020

Improper configuration of the SSH service in Infinera MTC-9 allows an unauthenticated attacker to execute arbitrary commands and access data on file system. This issue affects MTC-9: from R22.1.1.0275 before R23.0...

9.8 CVSS | 7.6 AI score | 0.00477 EPSS
Exploits 0 | References 1
EUVD
added 2025/12/08 9:26 a.m. | 5 views

EUVD-2025-201700

Improper configuration of the SSH service in Infinera MTC-9 allows an unauthenticated attacker to execute arbitrary commands and access data on file system. This issue affects MTC-9: from R22.1.1.0275 before R23.0...

9.8 CVSS | 7.3 AI score | 0.00477 EPSS
Exploits 0 | References 2
Cvelist
added 2025/12/08 9:26 a.m. | 28 views

CVE-2025-27020 Improper configuration of SSH service in Infinera MTC-9

Improper configuration of the SSH service in Infinera MTC-9 allows an unauthenticated attacker to execute arbitrary commands and access data on file system. This issue affects MTC-9: from R22.1.1.0275 before R23.0...

9.8 CVSS | 0.00477 EPSS
Exploits 0 | References 1
Vulnrichment
added 2025/12/08 9:26 a.m. | 3 views

CVE-2025-27020 Improper configuration of SSH service in Infinera MTC-9

Improper configuration of the SSH service in Infinera MTC-9 allows an unauthenticated attacker to execute arbitrary commands and access data on file system. This issue affects MTC-9: from R22.1.1.0275 before R23.0...

9.8 CVSS | 7.4 AI score | 0.00477 EPSS
Exploits 0 | References 1
GithubExploit
added 2025/12/08 6:34 a.m. | 166 views

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 Next.js Exploit Tool This tool: the Next.js vulnerability CVE-20...

10 CVSS | 7 AI score | 0.99562 EPSS
Exploits 372
VulnCheck KEV
added 2025/12/08 12:0 a.m. | 7 views

VulnCheck KEV: CVE-2023-52076

Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A path traversal and arbitrary file write vulnerability exists in versions of Atril prior to 1.26.2. This vulnerability is capable of writing arbitrary files anywhere on the filesystem to which the use...

8.5 CVSS | 6 AI score | 0.01016 EPSS
In wild | Exploits 2 | References 2
Packet Storm
added 2025/12/08 12:0 a.m. | 158 views

Zimbra Collaboration Suite Postjournal 9.0.0 Remote Command Execution

A critical vulnerability exists in the Zimbra Collaboration Suite ZCS PostJournal service that allows attackers to execute arbitrary system commands without authentication. The vulnerability is triggered through SMTP injection using a malicious RCPT TO parameter. This exploit provides full remote...

8.5 AI score
Exploits 0
OpenVAS
added 2025/12/08 12:0 a.m. | 10 views

Linksys E1200 Router Firmware <= 2.0.11.001 Multiple Vulnerabilities

Linksys E1200 routers are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...

8.8 CVSS | 7.5 AI score | 0.08842 EPSS
Exploits 8 | References 6
Packet Storm
added 2025/12/08 12:0 a.m. | 201 views

Cacti 1.2.29 Remote Command Execution

Proof of concept exploit that demonstrates how authenticated users with access to Graph Templates in Cacti can abuse RRD invocation parameters to write arbitrary PHP files, then trigger execution leading to remote command execution. Version 1.2.29 is affected...

8.8 CVSS | 9.5 AI score | 0.51488 EPSS
Exploits 10
GithubExploit
added 2025/12/07 6:54 p.m. | 323 views

CS-Cart-POC

CS-Cart RCE & LFI Exploit Developed by: Strikoder Tes...

7.6 AI score
Exploits 0
GithubExploit
added 2025/12/07 11:49 a.m. | 169 views

Exploit for CVE-2025-9074

CVE-2025-9074 Exploit Tool A sophisticated exploitation frame...

9.3 CVSS | 7.9 AI score | 0.01594 EPSS
Exploits 15
OSV
added 2025/12/06 5:35 p.m. | 2 views

MAL-2025-192361 Malicious code in datadog-checks-base (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0c81f3e37fe2d626410665826364d682e76edf32642b1cf36d4b12b987a9b102 The package datadog-checks-base was found to contain malicious code. Source: ghsa-malware...

7 AI score
Exploits 0 | References 1
OSV
added 2025/12/06 4:25 p.m. | 4 views

MAL-2025-192362 Malicious code in evil-rce2 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 63a6a4d1f5ad55b3b2b836b95a7153f322bb4ea2f718f665a51a4a94f32576d5 Running the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-12-evil-rce...

7.5 AI score
Exploits 0 | References 1
OSSF Malicious Packages
added 2025/12/06 4:24 p.m. | 8 views

Malicious code in telco (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 55c8199592663c3f388cba22988800084bbc3a5696279eb22c53e837c1d8ac40 Running the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-12-evil-rce...

7.6 AI score
Exploits 0 | References 1
OSV
added 2025/12/06 4:23 p.m. | 2 views

MAL-2025-192353 Malicious code in fdir1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ba081e2ca3fffe519e73fc13330df7332fbaf118aa8f6c193b43e9b2ce8a5ce The package fdir1 was found to contain malicious code. Source: ossf-package-analysis 8f5aefdb4168145eaa4b092c9e5f4fbd482f9fbd1fc0328b3272f3e2067731e8...

7 AI score
Exploits 0
OSSF Malicious Packages
added 2025/12/06 4:23 p.m. | 5 views

Malicious code in ssf-desktop-api-openfin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 367b2689b7d50c48e26747ef1edce3a36165d64fd361ad3fc19f1c52fce204f9 The package ssf-desktop-api-openfin was found to contain malicious code. Source: ossf-package-analysis...

7.1 AI score
Exploits 0